Also referred to as dynamic packet filtering. Check Point Software is credited with creating the term stateful inspection when it was used in the company’s 1993 FireWall-1. Today, stateful inspection is generally known as firewall architecture working at the network layer. Different from static packet filtering, which looks at a packet based on the information in the packet header, stateful inspection tracks every connection traveling through all firewall network interfaces to make sure that they are valid.
Moreover, a stateful inspection firewall looks at both the header information and the packet contents on all protocol layers including the application layer to ascertain more about the packet than merely its source and destination. A firewall with stateful inspection also monitors the connection state and puts the data together in a state table. Thus, filtering decisions are based not just on configured rules by the administrator (as is the case in static packet filtering) but also on context established by the packets that have previously passed through the firewall.
Jupitermedia Corporation. What is Stateful Inspection? [Online, August 18, 2003.] Jupitermedia Corporation Website. http://www.webopedia.com/TERM/S/ stateful_inspection.html.